raster pushed a commit to branch master. http://git.enlightenment.org/core/efl.git/commit/?id=a238272f0067f3664dfc0178baecea57a234b15c
commit a238272f0067f3664dfc0178baecea57a234b15c Author: Shinwoo Kim <[email protected]> Date: Mon Jul 31 15:50:48 2017 +0900 eldbus: check message serial before using Summary: Whatever the dbus_connection_send_with_reply returns, the serial value should be checked, because if the seral value is invalid a process could be aborted. There is backtrace as below. The dbus_connection_send_with_reply could return TRUE even though it has a problem. Please refer to following comment: /* Refuse to send fds on a connection that cannot handle them. Unfortunately we cannot return a proper error here, so the best we can do is return TRUE but leave *pending_return as NULL. */ Test Plan: There is not a exact reproduce step. If the Tizen login manager is relaunched repeatedly, then the dbus and other service processes are relaunched. If a service process tries to use dbus when the dbus has problem as above, then it could be possilbe to get above backtrace. Reviewers: raster, zehortigoza Subscribers: cedric, jpeg Differential Revision: https://phab.enlightenment.org/D5053 @fix --- src/lib/eldbus/eldbus_pending.c | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/src/lib/eldbus/eldbus_pending.c b/src/lib/eldbus/eldbus_pending.c index 69ea322fc7..ecf65db100 100644 --- a/src/lib/eldbus/eldbus_pending.c +++ b/src/lib/eldbus/eldbus_pending.c @@ -113,6 +113,20 @@ eldbus_connection_send(Eldbus_Connection *conn, Eldbus_Message *msg, Eldbus_Mess return pending; } +Eldbus_Message * +_eldbus_message_error_get(const Eldbus_Message *msg, const char *error_name, const char *error_msg) +{ + int32_t serial; + + serial = dbus_message_get_serial(msg->dbus_msg); + if (serial == 0) + { + return NULL; + } + + return eldbus_message_error_new(msg, error_name, error_msg); +} + /* * On success @param msg is unref'd or its ref is stolen by the returned * Eldbus_Pending. @@ -152,15 +166,15 @@ _eldbus_connection_send(Eldbus_Connection *conn, Eldbus_Message *msg, Eldbus_Mes msg->dbus_msg, &pending->dbus_pending, timeout)) { - error_msg = eldbus_message_error_new(msg, "org.enlightenment.DBus.NoConnection", - "Eldbus_Connection was closed."); + error_msg = _eldbus_message_error_get(msg, "org.enlightenment.DBus.NoConnection", + "Eldbus_Connection was closed."); eldbus_pending_dispatch(pending, error_msg); return NULL; } if (!pending->dbus_pending) { - error_msg = eldbus_message_error_new(msg, "org.enlightenment.DBus.Error", - "dbus_pending is NULL."); + error_msg = _eldbus_message_error_get(msg, "org.enlightenment.DBus.Error", + "dbus_pending is NULL."); eldbus_pending_dispatch(pending, error_msg); return NULL; } @@ -168,9 +182,9 @@ _eldbus_connection_send(Eldbus_Connection *conn, Eldbus_Message *msg, Eldbus_Mes return pending; dbus_pending_call_cancel(pending->dbus_pending); - error_msg = eldbus_message_error_new(pending->msg_sent, - "org.enlightenment.DBus.Error", - "Error when try set callback to message."); + error_msg = _eldbus_message_error_get(pending->msg_sent, + "org.enlightenment.DBus.Error", + "Error when try set callback to message."); eldbus_pending_dispatch(pending, error_msg); return NULL; } --
